Lucene search
+L

88 matches found

CNNVD
CNNVD
added 2026/04/07 12:0 a.m.11 views

runZero Platform 安全漏洞

runZero Platform is an asset discovery and attack surface management platform developed by the US company runZero. Versions of runZero Platform prior to 4.0.26021.0 contain security vulnerabilities. These vulnerabilities stem from improper authorization, which may lead to unauthorized updates of...

5.8CVSS5.8AI score0.00208EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-30877

An issue that could expose records outside of the authorized organization scope through the MCP endpoints has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N 3.0 Low. This issue was fixed in...

3CVSS5.8AI score0.00174EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.5 views

PT-2026-30835

An issue that allowed a SQL injection attack vector related to saved queries introduced in version 4.0.260123.0. This is an instance of CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', and has an estimated CVSS score of...

6.4CVSS5.9AI score0.00203EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-30876

An issue that could expose task information outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N 2.2 Low. This issue was fixed in version 4.0.260205....

2.2CVSS5.8AI score0.00174EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.7 views

PT-2026-30879

An issue that could allow a credential to be updated and used for a task from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N 5.8 Medium. This...

5.8CVSS5.8AI score0.00208EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.10 views

runZero Platform 安全漏洞

RunZero Platform is an asset discovery and attack surface management platform developed by the US company RunZero. Versions of RunZero Platform prior to 4.0.260202.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could lead to unauthorized acce...

5.8CVSS5.8AI score0.00208EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.14 views

runZero Platform 安全漏洞

RunZero Platform is an asset discovery and attack surface management platform developed by the US company RunZero. Versions of RunZero Platform prior to 4.0.260203.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could allow administrators to...

6.8CVSS5.8AI score0.00191EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/07 12:0 a.m.11 views

PT-2026-30875

An issue that could allow an authorized user to view the clear-text secrets for a subset of credential types and fields has been resolved. This is an instance of CWE-522: Insufficiently Protected Credentials, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 5.3...

5.3CVSS5.8AI score0.00196EPSS
Exploits0References3
Rows per page
Query Builder